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AMENDMENTS TO THE CLAIMS 

This following listing of claims will replace all prior versions and listings of claims in 
the application. 

1. (currently amended) A method facilitating remote deployment of network devices, 
comprising 

monitoring, at a network device operating in an unconfigured network address mode, 
for a configuration message, wherein the configuration message includes information 
sufficient for an initial automated remote deployment of the network device, including 
one or more of 

a name for the network device, 

a static an internet protocol (IP) address for the network device and an IP 
address for a remote network management system, wherein the network device 
is disposed on a communications path between a first network and a second 
network, and wherein configuration message is transmitted from a remote 
device on the first network and addressed to a destination host on the second 
network; 

a dynamic IP addressing protocol for the network device, 

an IP address of a network management system for the network device, 

a password for the network management system for the network device, 

an encryption protocol for the network device, 

a decryption protocol for the network device, 

one or more cryptographic keys for the network device, 

a configuration messaging protocol for the network device, 

an IP address of a gateway router for the network device, or 

one or more operational parameters for the network device; 

forwarding, in the unconfigured network address mode, all packets received 

DAL01:1013683.1 

Page 2 of 19 



Appl. No.: 10/815,405 
Amdt. Dated: June 9, 2008 

Response to Office Action Mailed: February 8, 2008 



at the network device, other than configuration messages, along the 

communications path; 
upon detection of the configuration message, configuring the network device with the 
IP address for the network device using the configuration information in the 
configuration message; and 

switching the network device to a configured mode. 

2. (currently amended) The method of claim 1 further comprising 

transmitting a message to the remote network management system device . 

3. (canceled) 

4. (currently amended) The method of claim 2 wherein the transmitting step comprises 

initiating a connection to the remote network management system device . 

5. (currently amended) The method of claim 1 further comprising 

receiving additional configuration from the remote network management system 

6. (canceled) 

7. (original) The method of claim 1 further comprising 

validating the configuration message before the configuring step. 

8. (canceled) 

9. (currently amended) A method facilitating remote deployment and configuration of 
a network device physically installed on a first network, wherein the network device is 
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initially unconfigured and operative to intercept configuration messages, comprising 

composing a configuration message including configuration information 
corresponding to [[a]] the network device , wherein the configuration information 
comprises an internet protocol (IP) address for the network device and an IP address 
for a remote network management system; and 

transmitting from a second network a configuration message to a destination 
host in the first network, wherein the network device is disposed on the 
communications path between the second network and the destination host. 

10. (currently amended) The method of claim 9 further comprising 

repeating the transmitting the configuration message step until a response to the 
configuration message is received from the network device. 

11. (currently amended) The method of claim 9 wherein the configuration information 
comprises information sufficient for the network device to establish a network 
connection with the network management system a remote device . 

12. (currently amended) The method of claim 9 wherein the configuration message 
further comprises includes configuration information including a network address for 
the network device, a sub-network mask for the first network, a network address for 
the remote device, and the network address of the gateway router corresponding to the 
first network. 

13. (original) The method of claim 11 wherein the configuration information further 
includes a cryptographic digest of the configuration information. 

14. (original) The method of claim 13 wherein the configuration information is 
encrypted with an encryption key. 
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15. (original) The method of claim 14 wherein the encryption key comprises a secret 
string of text. 

16. (original) The method of claim 15 wherein the encryption key further comprises a 
random number. 

17. (original) The method of claim 16 wherein the encryption key further comprises the 
network address of the destination host. 

18. (original) The method of claim 15 wherein the network device is pre-configured 
with the secret string of text. 

19. (original) The method of claim 14 wherein the encryption key is a symmetric 
encryption key. 

20. (original) The method of claim 14 wherein the encryption key is a private 
encryption key, and wherein the configuration information is encrypted using an 
asymmetric encryption algorithm. 

21. (previously amended) The method of claim 20 wherein the network device is 
preconfigured with an encryption key corresponding to the private encryption key. 

22. (original) The method of claim 19 wherein the symmetric encryption key is 
encrypted using an asymmetric encryption algorithm with a private encryption key. 

23. (previously amended) The method of claim 22 wherein the network device is 
preconfigured with an encryption key corresponding to the private encryption key. 
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24. (currently amended) A method facilitating remote deployment of network devices, 
comprising 

monitoring, at a network device in an unconfigured mode, for a configuration 
message transmitted by a network management system, wherein the configuration 
message includes configuration information for the network device , wherein the 
network device is disposed on a communications path between a first network and a 
second network,; 

after detection of a configuration message, validating the configuration message; 
if the configuration message is valid, configuring the network device using the 
configuration information in the configuration message^ 

if the configuration message is not valid, forwarding the configuration message 

along the communications path; and 

forwarding all messages other than configuration messages received at the 

network device along the communications path . 

25. (original) The method of claim 24 wherein the configuration message includes 
information sufficient for the network device to establish a network connection to 
network management device. 

26. (canceled) 

27. (canceled) 

28. (original) The method of claim 24 wherein the configuration information comprises 
a network address for the network device, and a network address corresponding to the 
network management system. 

29. (original) The method of claim 24 wherein the configuration information in the 
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configuration message is encrypted. 

30. (original) The method of claim 24 wherein the network device is operably connected 
to a first network comprising a gateway router having a gateway network address; 
wherein the configuration information in the configuration message comprises the 
network address of a gateway router; and wherein the validating step comprises 
determining whether the network address of the gateway router matches the gateway 
network address of the gateway router. 

31. (original) The method of claim 24 wherein the determining step comprises 
broadcasting an address resolution protocol request, including the network address in 
the configuration message, on the network. 

32. (currently amended) The method of claim 24 wherein the monitoring step 
comprises 

intercepting, at a first network interface, a configuration message transmitted by 
a network management system; 

passing other packets to a second network interface for forwarding along [[a]] 
the communications path. 

33. (original) The method of claim 24 wherein the configuration information in the 
configuration message is encrypted and wherein the validating step comprises 

decrypting the configuration information. 

34. (currently amended) A method facilitating remote deployment of network devices, 
comprising 

receiving intercepting , at a first network interface of a network device in an 
unconfigured state, a configuration message transmitted by a network management 
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system, wherein the configuration message includes configuration information for the 
network device , wherein the first network interface and a second network interface of 
the network device are operably connected to a communications path between a first 
network and a second network; 

after detection of a configuration message, validating the configuration message; 

if the configuration message is valid, configuring the network device using the 
configuration information in the configuration message^ 

if the configuration message is not valid, passing the configuration message to 

the second network interface for forwarding along the communications path; and 

passing packets other than configuration messages received at the first network 
interface to the second network interface for forwarding along the communications 
path . 

35. (original) The method of claim 34 wherein the configuration information includes 
the network address of a network management system, and wherein the method 
further comprises 

establishing a connection to the network management system using the network 
address in the configuration information. 

36. (currently amended) A network device allowing for automated, remote 
deployment, comprising 

at least one network interface first and second network interfaces, each operative 
to transmit and receive packets over a computer network; 
a processor; 

a configuration interface module comprising computer-readable instructions 
operative to cause the processor to configure the network device based on received 
configuration information; and 

a configuration daemon comprising computer-readable instructions operative to 
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cause the processor and the network device, when the network device is an 
unconfigured state, to 

receive, at the first network interface, a configuration message transmitted 
by a network management system monitor the at least ono network interface for 
configuration messages ; 

validate the configuration message messages ; and 

invoke the configuration interface module , if the configuration message is 
valid; after receipt of a valid configuration message 

pass, if the configuration message is not valid, the configuration message 

to the second network interface for forwarding along a communications path; and 

pass packets other than configuration messages received at the first 
network interface to the second network interface for forwarding along the 
communications path . 

37. (canceled) 

38. (currently amended) The network device of claim 36 wherein the configuration 
interface module is operative to configure the network device to communicate with the 
network management system a remote network device using information in the 
configuration message. 

39. (canceled) 

40. (canceled) 

41. (original) In a network environment comprising a first network and a second 
network, wherein the first network includes a gateway router allowing access to 
resources on at least the second network, a method facilitating remote configuration of 
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a network device physically installed on the first network, the method comprising 
identifying a destination host on the first network, wherein an unconfigured 

network device is disposed on the communications path between the gateway router 

and the network device, wherein the network device is operative, in an unconfigured 

mode, to intercept configuration messages; 

transmitting a configuration message to the first network, wherein the 

configuration message is addressed to the destination host. 

42. (original) The method of claim 41 wherein the configuration message is formatted in 
a manner that causes the destination host to ignore the configuration message. 

43. (original) The method of claim 41 wherein the configuration message is formatted in 
a manner that causes the destination host to discard the configuration message. 

44. (original) The method of claim 41 wherein the configuration message is formatted 
according to a protocol that is not implemented by the destination host. 

45. (original) The method of claim 41 wherein the configuration message is formatted 
according to a protocol that is not understood by the destination host. 

46. (original) The method of claim 41 wherein the configuration message includes 
information sufficient for the network device to establish a network connection with a 
remote device. 

47. (original) The method of claim 46wherein the configuration message includes a 
network address for the network device, a sub-network mask for the first network, a 
network address for the remote device, and the network address of the gateway router. 
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48. (original) A method facilitating remote, automated deployment of a network device 
on a network, comprising 

establishing, in an unconfigured mode, a connection with a remote device for 
configuration information; 

providing, during the connection, a hardware profile of a network device; 

receiving configuration information from the remote device based on the 
hardware profile. 

49. (original) The method of claim 48 further comprising 

obtaining a network address before the establishing step. 

50. (original) The method of claim 49 wherein the network address is a dynamic IP 
address obtained from a DHCP server. 

51. (original) The method of claim 48 further comprising 

gathering network topology information characterizing the topology of the 
network to which the network device is attached; and 

providing the network topology information to the remote device; and 
wherein the configuration information received from the remote device is based on the 
hardware profile and the network topology information. 

52. (original) The method of claim 51 wherein the network topology information 
comprises information concerning at least one host neighboring the network device. 

53. (original) The method of claim 51 wherein the network topology information 
comprises the subnetworks accessible to the network device. 

54. (original) The method of claim 48 wherein the establishing step is performed in 
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response to the receipt of a configuration message transmitted by the remote device. 

55. (original) The method of claim 54 wherein the configuration message is addressed 
to the broadcast address of the network. 

56. (original) The method of claim 50 wherein the network comprises a DHCP server 
operative to provide the network address of the remote device in a field associated with 
a DHCP response transmitted to the network device. 

57. (original) The method of claim 48 wherein a second network device connected to 
the network is operative to broadcast the network address of the remote device. 

58. (original) The method of claim 48 wherein the network comprises a second network 
device operative to transmit the network address of the remote device in response to a 
request; and wherein the method further comprises 

broadcasting a request for the network address of the remote device. 
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